Dragos has added critical capabilities for protecting operational technology (OT) environments by acquiring Network Perception, makers of NP-View, an award-winning network visualization platform for OT networks. This acquisition brings key technology that secures remote access by analyzing the configuration of firewall policy, router and switch access path, and network segmentation. Customers can identify unintended access paths into and through OT environments, acquiring critical information to reduce risk and create a more defensible architecture.
Network Perception was founded in 2014 by Dr. Robin Berthier and a team of security experts from the University of Illinois, responding to an urgent call to protect critical infrastructure against growing cyber threats. The company’s origins trace back to research funded by the Department of Energy and the Department of Homeland Security, where Berthier and his team were tasked with developing next-generation network modeling solutions to safeguard the electrical grid. Collaborating closely with industry partners like Ameren and ComEd, the team identified the overwhelming challenge of manually managing and verifying thousands of complex firewall rules to secure critical assets. This collaborative effort led to a new way to understand networks and verify how access policies protected vital infrastructure.
We are excited to combine our teams, which include some of the brightest minds in industrial cybersecurity, to accelerate innovation and help customers defend against threats and meet regulatory requirements today and tomorrow.
Sign up for more information about Dragos & Network Perception, including upcoming webinars.
Sign Up Today!Offering Comprehensive Visibility for Better Cyber Defense & Regulation Compliance
This acquisition expands the Dragos Platform which provides OT network visibility and monitoring to discover and track OT assets, detect threats, manage vulnerabilities, and respond to potential incidents with response playbook and best-in-class digital forensics. Now bolstered by Network Perception technologies, Dragos offers organizations an unprecedented level of visibility into their networks, ensuring that their defensible architecture is continuously monitored and adjusted as needed.
This acquisition also expands Dragos’s reach, particularly in industries like electric, oil and gas, and manufacturing. Network Perception’s NP-View analyzes network segmentation and access paths, making it a critical part of NERC-CIP auditing for the electric sector. Its ability to map to regulations like TSA and key frameworks like IEC 62443 demonstrates the critical nature of the technology, and the importance of understanding potential access paths into OT as a critical component of protecting these environments from cyber attacks.
NP-View Simplifies Firewall Rules and Router/Switch Access Path Analysis
Remote access by third parties and employees is the #1 method that cyber criminals use to penetrate OT environments. Firewall policies and router/switch tables grow over time, becoming incredibly complex configurations that create unintended access paths into and through OT. Firewalls are critical for protecting the internet gateway. As policies change and grow over time, configurations can emerge that erode that protection. Firewall rule analysis ensures that the firewall configurations are optimized to allow only legitimate communications while blocking potential attack vectors. Firewalls are often the first line of defense, particularly at the internet gateway, but firewalls alone do not protect the inner layers of OT networks.
Router/switch access path analysis goes a step further, providing visibility into how traffic could travel within the network. This involves evaluating the router/switch configurations, from external access points through internal routers and switches, ensuring that there are no unintended or vulnerable paths for attackers to exploit. By mapping these access paths, NP-View enables organizations to visualize their network topology, ensuring that firewall policies and router/switch configurations enforce strict segmentation between OT and IT environments.
But proper analysis of both firewalls and router/switch configurations is a hugely complex undertaking.
NP-View offers network security analysis by modeling and visualizing network access pathways without the need for agents, configuration changes, or additional hardware. This lightweight, non-invasive platform rapidly identifies network misconfigurations, assesses risk, and provides evidence documentation to support continuous compliance checks and reports. NP-View generates continuous, automated topology maps, validates firewall rules, and verifies segmentation without disrupting operations. By mapping both current and potential pathways, NP-View bridges the gap between the observed network and network intent, helping teams identify misconfigurations, validate security controls, and ensure compliance with standards like NERC-CIP, TSA, and IEC 62443.
Adding Capability Aligned with the SANS ICS 5 Critical Controls
The acquisition of Network Perception strengthens Dragos’s ability to support the SANS ICS 5 Critical Controls for OT Cybersecurity:
- ICS Incident Response Plan – The Dragos Platform technology provides forensic data for incident response, helping organizations quickly detect, respond to, and recover from incidents. NP-View can provide a streamlined method to document network topologies and access policies as a key step in proactively preparing an incident response plan or identifying likely ingress points and paths as part of an incident investigation. In addition, Dragos provides expert responders that can assist with and help prepare for critical OT Incident Response events.
- Defensible Architecture – With NP-View’s firewall and router/switch analysis, organizations can ensure proper segmentation and access control to prevent unauthorized movement within OT networks. Additionally, our OT Cyber Service experts can evaluate your defenses with architecture reviews, network penetration tests, network vulnerability assessments, and tabletop exercises to identify and prioritize steps to better protection.
- ICS Network Visibility & Monitoring – Dragos has always led in OT network visibility and threat monitoring, with asset discovery and inventory, risk-based vulnerability management, threat detection, and response playbooks and digital forensics. NP-View enhances this by adding visibility into network topology, access paths, and segmentation. The combination is a unique dual-layer view of what is POSSIBLE and what is actually happening.
- Secure Remote Access – Dragos monitors and validates the controls around secure remote access, for all vendors. NP-View now adds insights into access paths to ensure secure, controlled access to critical OT assets, limiting exposure from remote connections.
- Risk-Based Vulnerability Management – The Dragos Platform provides risk-based vulnerability management for assets and devices within OT environments. NP-View adds capabilities to automate and continuously update network vulnerability assessments based on network topology and access risks, enabling you to prioritize areas that pose the greatest threat.
Download our guide to learn more about the SANS ICS 5 Critical Controls.
Looking Ahead
Network Perception’s NP-View will continue to operate as standalone software – a simple way to analyze network segmentation and access paths – as well as becoming a component of Dragos Platform SiteStore. This will provide a powerful dual-layer view of network paths and network communications. Additionally, the Network Perception leadership and team joins Dragos in our unified mission to protect critical infrastructure from growing threats targeting industrial networks.
Dragos’s acquisition of Network Perception is a critical step toward advancing the security of OT environments. The integration of firewall rule analysis, router/switch access path evaluation, and network segmentation ensures that organizations have a complete, dual-layer view of their OT environments. By focusing on both real-time network connections and potential attack paths, Dragos provides a comprehensive solution for defending critical infrastructure from evolving cyber threats.
Through this acquisition, Dragos continues to lead the way in securing industrial environments, aligning with the SANS ICS 5 Critical Controls, and delivering innovative technologies to keep vital systems safe and resilient.
Sign up to hear more about Dragos and Network Perception, including information about upcoming webinars.
Ready to put your insights into action?
Take the next steps and contact our team today.